School of Computing and Informatics, University of North Carolina at Charlotte

"CyberDNA - Science of Security Configuration Automation"

Security configurations represent the network DNA that accurately describe the global behavior of critical network services including reachability, security, reliability and coverage for wire and wireless networks. Security configuration spans wide range of parameters from the user password, browser profile, OS and network access control for packet filtering, inspection and transformation to routing and wireless coverage policies. It has been widely cited that network misconfiguration is the main root cause for the majority of network vulnerability (about 65%) today. Rigorous automation of network configuration plays an instrumental role in maintaining and protecting the integrity of networked system, particularly mission critical networks. This talk will discuss the major challenges of security configuration automation, and present foundations for theoretical analysis for automated security verification, optimization and evaluation. Case studies from previous/current projects will be used whenever possible.

Short Bio:

Ehab Al-Shaer is an Associate Professor and the Director of the Cyber Defense and Network Assurability (CyberDNA) Center in the School of Computing and Informatics at University of North Carolina Charlotte. His primary research areas are security configuration automation, network assurability for Cyber-Physical Systems, and fault/problem diagnosis. Prof. Al-Shaer has edited, co-edited and published numerously in well-established journals and conferences his area. Prof. Al-Shaer has played a leadership role in national initiatives to create research agenda for assurable and usable security configuration (SafeConfig), and Moving Target Defense programs. Prof. Al-Shaer's research has been funded by NSF, AFRL, Duke Energy, Cisco, Intel and others.